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- The MAILING DATE of this communication appears 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

I )^ Responsive to communication(s) filed on 26 October 2000 . 
2a)D This action is FINAL. 2b)(SI This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1, 453 O.G. 213. 

Disposition of Claims 

4) £3 Claim(s) 1-28 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 7-28 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^ The specification is objected to by the Examiner. 

10)[E1 The drawing(s) filed on 26 October 2000 is/are: a)E3 accepted or b)Q objected to by the Examiner. 
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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a) □ The translation of the foreign language provisional application has been received. 
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DETAILED ACTION 

1. Claims 1-28 are pending. A formal action on the merits of claims 1-28 follows. 

Drawings 

2. The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they 
include the following reference sign(s) not mentioned in the description: 54 in Figure 2, 
Network Interface(s). A proposed drawing correction, corrected drawings, or amendment to the 
specification to add the reference sign(s) in the description, are required in reply to the Office 
action to avoid abandonment of the application. The objection to the drawings will not be held in 
abeyance. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

4. Claim 7 recites the limitation "said network device" in line 13. There is insufficient 
antecedent basis for this limitation in the claim. Applicant must clearly distinguish whether "the 
device" refers to the "first network device" or "the second network device." 



9 



Application/Control Number: 09/698,968 Page 3 

Art Unit: 2143 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21 (2) of such treaty in the English language. 

6. Claims 1-12 are rejected under 35 U.S.C. 102(e) as being anticipated by Vaid et al. (U.S. 
6,502,131). 

With respect to claim 1, Vaid teaches a method for propagating filters to an upstream 
device comprising: 

generating a filter at a first network device [Vaid Col. 10 lines 5-7 and 11-12, Col. 14 
lines 57-59 and Col. 17 lines 4-8 - Bandwidth management tool, running on a server, i.e. 
first network device, creates/specifies traffic policies, i.e. filters, to control the behavior of 
the traffic]; 

sending information on said filter to a second network device located upstream from said 
first network device [Vaid -- Col. 25 lines 47-49, lines 53-57 and lines 66-67 - Meta-policy 
service, running on server with monitoring tool software, distributes policies, i.e. filters, to 
intelligent agents, i.e. routers, switches, firewalls, etc., on the network, which inherently 
reside upstream from actual servers (See Figures 4, 5 and 16)]; and 
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requesting said second network device to install said filter [Vaid — Col. 25 lines 66-67 
and Col. 26 lines 50-54 - By using intelligent agents to actively participate in policy 
management, traffic policies, which are distributed, are required and therefore inherently 
installed by meta-policy service in order to provide multi-layer policy support]. 

With respect to claim 2, Vaid further teaches wherein generating a filter at a first network 
device comprises automatically generating said filter based on network flow entering the device 
[Vaid -- Col. 13 lines 57-67 and Col. 17 lines 23-26 and lines 33-37 - Upon detecting a given 
event or certain criteria being met, policy, i.e. filter, is automatically generated and put into 
effect]. 

With respect to claim 3, Vaid further teaches receiving information based on monitored 
network flow and removing said filter from the first network device when the network flow 
requiring said filter is no longer present [Vaid -- Figure 8, Col. 10 lines 56-60 and Col. 17 lines 
37-43 - After invoking policy, system continues to measure parameters and criteria to 
determine if policy should still be applied or not. If criteria does not warrant policy to 
continue, it would be removed]. 

With respect to claim 4, Vaid further teaches requesting said upstream device to remove 
said filter [Vaid - Col. 25 lines 66-67 - Meta-policy service distributes and updates policies 
to intelligent agents, i.e. routers, switches, firewalls, etc., as policies are created or 
changed]. 
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With respect to claim 5, Vaid further teaches refining said filter at said first network 
device based on said monitored network flow [Vaid — CoL 10 lines 56-60 and Col. 17 lines 23- 
43 _ System continually cycles through measuring traffic, i.e. network, flow and applying 
applicable policies, thereby refining the policies implemented so that the proper one for the 
proper time with the proper measurements is put in place]. 

With respect to claim 6, Vaid further teaches requesting the upstream network device to 
refine said filter [Vaid -- Col. 25 lines 66-67 - Meta-policy service distributes and updates 
policies to intelligent agents, i.e. routers, switches, firewalls, etc., as policies are created, 
changed or refined]. 

With respect to claim 7, Vaid further teaches wherein generating a filter comprises 
detecting potentially harmful network flows and generating a filter to prevent packets 
corresponding to said detected potentially harmful network flows from passing through said 
network device [Vaid -- Col. 11 lines 1-12 and Col. 28 lines 37-40 - Harmful network flows, 
such as traffic bursts, can cause a server to crash or not allow critical traffic to get through 
the network. Intelligent agents, i.e. routers, switches, firewalls, etc., have the ability, 
depending on the policy sent to them, to block/drop/queue or modify packets]. 

With respect to claim 8, Vaid further teaches wherein generating filters further comprises 
classifying network flow based on a source device sending a packet [Vaid -- Col. 27 lines 34-39 
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- Policies, i.e. filters, define monitoring and control actions, which can be classified by 
source, i.e. device sending packet]. 

With respect to claim 9, Vaid further teaches wherein the network flow is classified based 
on an address of the source device [Vaid Col. 10 lines 17-22 - Monitoring of network traffic 
flow is classified in numerous ways, one of which is by source address of device sending 
packets]. 

With respect to claim 10, Vaid further teaches wherein generating filters comprises 
analyzing network flow entering said first network device [Vaid -- Col. 10 lines 41-47 - 
Network flow can be monitored at one or more nodes on the network, including the main 
monitoring server, i.e. first network device, and intelligent agents such as routers, switches, 
firewalls, etc...]. 

With respect to claim 11, Vaid further teaches wherein analyzing said network flow is 
performed by software [Vaid Figure 9 (traffic monitoring application) and Col. 10 lines 2- 
5 - Monitoring tool is software based]. 

With respect to claim 12, Vaid further teaches selecting a class of network flows to 
analyze based on previously analyzed network flows [Vaid Col. 10 lines 56-60 and Col. 17 
lines 33-43 - After a policy is invoked, measurements regarding the invocation of that 
particular policy continue to be taken, i.e. class of networks flows are analyzed based upon 
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past analyzed network flows, to ensure policy needs to remain in place as network 
conditions change]. 

7. Claims 13-17 are rejected under 35 U.S.C. 102(e) as being anticipated by Vaid et al. 
(U.S. 6,502,131). 

With respect to claim 13, Vaid teaches a computer program product for propagating a 
filter to an upstream device [Vaid - Col. 3 lines 25-29, lines 55-57 and Col. 3 lines 66-67 - 
Col. 4 line 1 - Software runs management tool which is responsible for creating and 
invoking policies which are then distributed to intelligent agents]. The remaining limitations 
in claim 13 are similar to the limitations in claim 1. Therefore, they are rejected under the same 
rationale. 

With respect to claim 14, Vaid further teaches wherein the computer readable medium is 
selected from the group consisting of CD-ROM, floppy disk, tape, flash memory, system 
memory, hard drive, and data signal embodied in a carrier wave [Vaid -- Col. 3 lines 25-29 - 
Software management tool, which is responsible for creating and invoking policies, is 
stored in computer memory]. 

With respect to claim 15, this is a computer program product claim corresponding to the 
method claimed in claim 7. It has similar limitations; therefore, claim 15 is rejected under the 
same rationale. 
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With respect to claims 16-17, these are computer program product claims corresponding 
to the methods claimed in claims 3-4. They have similar limitations; therefore, claims 16-17 are 
rejected under the same rationale. 

8. Claim 18 is rejected under 35 U.S.C. 102(e) as being anticipated by Vaid et al. (U.S. 
6,502,131). 

With respect to claim 18, this is a system claim corresponding to the method claimed in 
claim 1. It has similar limitations; therefore, claim 18 is rejected under the same rationale. 

9. Claims 19-20 are rejected under 35 U.S.C. 102(e) as being anticipated by Vaid et al. 
(U.S. 6,502,131). 

With respect to claim 19, Vaid teaches a method for installing filters on connected 
network devices, comprising: 

analyzing network flows received at a first network device [Vaid — Col. 10 lines 41-47 - 
Management tool allows monitoring of one or more nodes, i.e. devices, such as servers, 
routers, switches, firewalls, etc..., i.e. first network device]; 

generating a filter at a second network device based on said analyzed flows [Vaid Col. 
10 lines 5-7 and 11-12, Col. 14 lines 57-59 and Col. 17 lines 4-8 - Bandwidth management 
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tool, running on a server, i.e. second network device, creates/specifies traffic policies, i.e. 
filters, to control the behavior of the traffic]; and 

propagating said filter from the second network device to the first network device [Vaid - 
- Col. 25 lines 47-49, lines 53-57 and lines 66-67 - Meta-policy service, running on server 
with monitoring tool software, distributes policies, i.e. filters, to intelligent agents, i.e. 
routers, switches, firewalls, etc., i.e. first network devices]. 

With respect to claim 20, Vaid further teaches wherein propagating said filter comprises 
propagating filter information upstream such that said filter is positioned closer to a source of 
said flows [Vaid -- Col. 25 lines 47-49, lines 53-57 and lines 66-67 - Meta-policy service, 
running on server with monitoring tool software, distributes policies, i.e. filters, to 
intelligent agents, i.e. routers, switches, firewalls, etc., on the network, which inherently 
reside upstream, i.e. closer to source, (See Figures 4, 5 and 16)]. 



10. Claims 21-24 are rejected under 35 U.S.C. 102(e) as being anticipated by Vaid et al. 
(U.S. 6,502,131). 

With respect to claim 21, Vaid teaches a method for updating filters on a device, 
comprising: 

receiving data at an upstream device [Vaid -- Figure 4 and Col. 2 lines 59-61 - Flow of 
information is received at an upstream device, i.e. router, switch, firewall, etc...]; 
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filtering at least a portion of the data before sending the data to a downstream device 
[Vaid ~ Col. 25 lines 47-49, lines 53-57, lines 66-67 and Col. 28 lines 37-40 - Meta-policy 
service, running on server with monitoring tool software, distributes policies, i.e. filters, to 
intelligent agents, i.e. routers, switches, firewalls, etc., on the network, which then actively 
participate in enforcing, i.e. filtering, data before heading downstream]; 

sending statistics based on the data received at the upstream device to the downstream 
device [Vaid -- Col. 10 lines 6-7, lines 11-12 and lines 41-47 - Traffic monitored at upstream 
device is viewed and analyzed at downstream device, i.e. server]; 

receiving filter information from the downstream device [Vaid -- Col. 25 lines 47-49, 
lines 53-57 and lines 66-67 - Meta-policy service, running on server with monitoring tool 
software, distributes policies, i.e. filters, to intelligent agents, i.e. routers, switches, firewalls, 
etc., on the network, which inherently reside upstream from actual servers (See Figures 4, 
5 and 16)]; and 

updating a filter installed on the upstream device [Vaid -- Col. 25 lines 66-67 - Meta- 
policy service distributes and updates policies to intelligent agents, i.e. routers, switches, 
firewalls, etc., i.e. upstream devices, as policies are created or changed, based upon 
network flow statistics]. 

With respect to claim 22, Vaid further teaches wherein receiving filter information 
comprises using a filter propagation protocol [Vaid -- Col. 23 lines 40-42 - Policies are 
communicated to other devices, i.e. propagated, using a policy exchange protocol, i.e. filter 
propagation protocol]. 
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With respect to claim 23, Vaid further teaches wherein the filter propagation protocol is 
operable to create, remove, or modify existing filters [Vaid -- Figure 8, Coi. 10 lines 56-60 and 
Col. 17 lines 37-43 - System has ability to create, i.e. invoke policy upon which system 
continues to measure parameters and criteria to determine if policy should still be applied 
or not If criteria does not warrant policy to continue, it would be removed. Also, policy 
can be changed, i.e. modified, if monitoring conditions are changed by applying another 
filter]. 

With respect to claim 24, Vaid further teaches wherein the filter propagation protocol 
uses negative routing [Vaid -- Col. 10 lines 56-60, Col. 17 lines 23-43 and Col. 28 lines 37-40 - 
System allows all packets to be routed to their proper location unless measurements cause a 
policy to be invoked causing certain packets not to be forwarded, i.e. negative routing]. 

1 1 . Claims 25-26 are rejected under 35 U.S.C. 102(e) as being anticipated by Vaid et al. 
(U.S. 6,502,131). 

With respect to claim 25, Vaid teaches a method for propagating filters to an upstream 
device, comprising: 

sending filter information to the upstream device [Vaid -- Col. 25 lines 47-49, lines 53- 
57 and lines 66-67 - Meta-policy service, running on server with monitoring tool software, 
distributes policies, i.e. filters, to intelligent agents, i.e. routers, switches, firewalls, etc., on 



Application/Control Number: 09/698,968 Page 12 

Art Unit: 2143 

the network, which inherently reside upstream from actual servers (See Figures 4, 5 and 
16)]; 

receiving flow information based on network flow received at the upstream device; 
analyzing said flow information [Vaid Col. 10 lines 6-7, lines 11-12 and lines 41-47 - 
Traffic monitored at upstream device is viewed and analyzed at downstream device, i.e. 
server]; and 

sending updated filter information to the upstream device [Vaid — Figure 8, Col. 10 
lines 56-60, Col. 17 lines 37-43 and Col. 25 lines 66-67 - After invoking policy, system 
continues to measure parameters and criteria to determine if policy should still be applied 
or not. Meta-policy service distributes and updates policies to intelligent agents, i.e. 
routers, switches, firewalls, etc., as policies are modified or changed, based upon 
statistics]. 

12. Claim 27 is rejected under 35 U.S.C. 102(e) as being anticipated by Vaid et al. (U.S. 
6,502,131). 

With respect to claim 27, Vaid teaches a system for propagating filters to an upstream 
device comprising a processor [Vaid -- Col. 9 line 52 - Microprocessor system]; and a memory 
for storing said flow information [Vaid -- Col. 3 line 29 and Col. 31 lines 41-43 - Memory for 
storing information, including statistical flow information]. The remaining limitations in 
claim 27 are similar to the limitations of the method of claim 25. Therefore, the remaining 
limitations in this claim are rejected under the same rationale. 
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13. Claim 28 is rejected under 35 U.S.C. 102(e) as being anticipated by Vaid et al. (U.S. 
6,502,131). 



With respect to claim 28, Vaid teaches a system for updating filters on a device 
comprising a processor [Vaid - Col. 9 line 52 - Microprocessor system]; and memory 
operable to at least temporarily store said filter information [Vaid — Col. 3 line 29 and Col. 31 
lines 41-43 - Memory for storing information, including statistical flow information]. The 

remaining limitations in this claim contain limitations similar to those claimed in the method of 
claim 21 . Therefore, claim 28 is rejected under the same rationale. 



Claim Rejections - 35 USC § 103 

14. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

15. Claim 26 is rejected under 35 U.S.C. 103(a) as being unpatentable over Vaid et al. (U.S. 
6,502,131), as applied to claim 25 above, in view of Chiu et al. (U.S. 5,883,901). 



Regarding claim 26, Vaid teaches the invention substantially as claimed, as 
aforementioned in claim 25 above, but fails to teach keeping count of received packets and 
dropped packets. 
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Chiu, however, teaches a router which keeps track of received packets and the number of 
dropped packets [Chiu Col. 30 lines 43-54]. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to incorporate counting of received and dropped packets, as taught by Chiu into the invention of 
Vaid, in order to provide greater statistical data and flexibility to make better informed decisions 
upon which policies to activate at a given time. 

Conclusion 

16. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

- Putzolu (U.S. 6,578,076) discloses a system for managing a network and various 
nodes on the network using dynamic policies. 

- Eichert et al. (U.S. 6,393,474) discloses a system management apparatus using 
dynamic policies on active network devices. 

- Nessett et al. (U.S. 5,968,176) discloses a multilayer firewall system using distributed 
policies to manage the system. 



Chen et al. (U.S. 6,636,524) discloses a method of counting the number of received 
data packets for a given network device, i.e. switch (This reference is applicable to 
claim 26 by Col 4 lines 12-13). 
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- Walrand et al. (U.S. 6,647,413) discloses a method for keeping track and counting the 
number of dropped packets while monitoring a network (This reference is applicable 
to claim 26 by Col. 1 lines 60-62). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Thomas J. Mauro Jr. whose telephone number is 703-605-1234. 
The examiner can normally be reached on M-F 8:00a.m. - 4:30p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on 703-308-5221. The fax phone number for the 
organization where this application or proceeding is assigned is 703-746-7239. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-3900. 




TJM 

December 31, 2003 




